Jump to content
xisto Community
elevenmil

Login And Registration Mysql Problems Session terminates too quickly

Recommended Posts

Although I'm doing some tweaking, I have finally got just about everything down in developing a login feature to my website, but just one problem. The session terminates too quickly. For instance, someone will be instructed to login, and after browsing a couple pages, it'll come up again that the user is not logged in. In addtion, this occurs frequently but not all the time. What can I do that will eliminate this inconvience to my viewers?

Share this post


Link to post
Share on other sites

Although I'm doing some tweaking, I have finally got just about everything down in developing a login feature to my website, but just one problem.  The session terminates too quickly.  For instance, someone will be instructed to login, and after browsing a couple pages, it'll come up again that the user is not logged in.  In addtion, this occurs frequently but not all the time.  What can I do that will eliminate this inconvience to my viewers?

68475[/snapback]

Hmmm... use setcookie don't use session id's or go to https://www.google.com/search?q=sessions+site:php.net

Share this post


Link to post
Share on other sites

This is my login.php...your reply confused me a lot but what would I change here...? If nothing is changed here is what your talking about in my register.php?


login.php

<?/** * Checks whether or not the given username is in the * database, if so it checks if the given password is * the same password in the database for that user. * If the user doesn't exist or if the passwords don't * match up, it returns an error code (1 or 2).  * On success it returns 0. */function confirmUser($username, $password){   global $conn;   /* Add slashes if necessary (for query) */   if(!get_magic_quotes_gpc()) {	$username = addslashes($username);   }   /* Verify that user is in database */   $q = "select password from users where username = '$username'";   $result = mysql_query($q,$conn);   if(!$result || (mysql_numrows($result) < 1)){      return 1; //Indicates username failure   }   /* Retrieve password from result, strip slashes */   $dbarray = mysql_fetch_array($result);   $dbarray['password']  = stripslashes($dbarray['password']);   $password = stripslashes($password);   /* Validate that password is correct */   if($password == $dbarray['password']){      return 0; //Success! Username and password confirmed   }   else{      return 2; //Indicates password failure   }}/** * checkLogin - Checks if the user has already previously * logged in, and a session with the user has already been * established. Also checks to see if user has been remembered. * If so, the database is queried to make sure of the user's  * authenticity. Returns true if the user has logged in. */function checkLogin(){   /* Check if user has been remembered */   if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){      $_SESSION['username'] = $_COOKIE['cookname'];      $_SESSION['password'] = $_COOKIE['cookpass'];   }   /* Username and password have been set */   if(isset($_SESSION['username']) && isset($_SESSION['password'])){      /* Confirm that username and password are valid */      if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){         /* Variables are incorrect, user not logged in */         unset($_SESSION['username']);         unset($_SESSION['password']);         return false;      }      return true;   }   /* User not logged in */   else{      return false;   }}/** * Determines whether or not to display the login * form or to show the user that he is logged in * based on if the session variables are set. */function displayLogin(){   global $logged_in;   if($logged_in){?>This is a new login confirmation displayYou are logged in <b><? echo $_SESSION['username']; ?></b>, have fun. <a href="logout.php">Logout</a><br><br>Thank you.  You may close this window and access the selected pages or return back to <a href="index.html">Home</a><?   }   else{?><h1>Login</h1><br><br>There are current problems with the login feature...when logging in please use the "remember me" feature to avoid any inconviences...<br><br><br><form action="" method="post"><table align="left" border="0" cellspacing="0" cellpadding="3"><tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr><tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr><tr><td colspan="2" align="left"><input type="checkbox" name="remember"><font size="2">Remember me next time</td></tr><tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr><tr><td colspan="2" align="left">Not yet registered?  Click here to <a href="register.php">Register</a></td></tr></table></form><?   }}/** * Checks to see if the user has submitted his * username and password through the login form, * if so, checks authenticity in database and * creates session. */if(isset($_POST['sublogin'])){   /* Check that all fields were typed in */   if(!$_POST['user'] || !$_POST['pass']){      die('You didn\'t fill in a required field.');   }   /* Spruce up username, check length */   $_POST['user'] = trim($_POST['user']);   if(strlen($_POST['user']) > 30){      die("Sorry, the username is longer than 30 characters, please shorten it.");   }   /* Checks that username is in database and password is correct */   $md5pass = md5($_POST['pass']);   $result = confirmUser($_POST['user'], $md5pass);   /* Check error codes */   if($result == 1){      die('That username doesn\'t exist in our database.');   }   else if($result == 2){      die('Incorrect password, please try again.');   }   /* Username and password correct, register session variables */   $_POST['user'] = stripslashes($_POST['user']);   $_SESSION['username'] = $_POST['user'];   $_SESSION['password'] = $md5pass;   /**    * This is the cool part: the user has requested that we remember that    * he's logged in, so we set two cookies. One to hold his username,    * and one to hold his md5 encrypted password. We set them both to    * expire in 100 days. Now, next time he comes to our site, we will    * log him in automatically.    */   if(isset($_POST['remember'])){      setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");      setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");   }   /* Quick self-redirect to avoid resending data on refresh */   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";   return;}/* Sets the value of the logged_in variable, which can be used in your code */$logged_in = checkLogin();?>

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.